IT Auditor Senior

Location: McLean, VA

IT Audit - Senior


The Information Systems Audit (ISA) team is part of the Internal Audit Division and provides independent assurance over how Information, Technology, and Operational Resiliency risks are managed at Freddie Mac.

Staff members on the ISA team are highly-skilled audit, risk management, and/or technology professionals with a demonstrated ability to provide value added audit and advisory services to Freddie Mac. The team plays a critical role in shaping Freddie Mac’s approach to managing Information, Technology, and Operational Resiliency risks by providing independent, objective, advisory services, and value-added assurance of risk management, governance, and controls.

The IT Audit Supervisor will be part of this team and focus on executing end-to-end audit services on Information, Technology, and Operational Resiliency risks. This spans over multiple areas while reviewing Freddie Mac’s core business and Information Technology General Controls (ITGCs). As part of the Third Line of Defense, the candidate will work closely with risk management partners in the Second Line of Defense and practitioners in the First Line of Defense (business divisions and Information Technology).


Your Work Falls into The Following Three Categories:


Audit/Project Execution

• Work independently or as part of an audit team and ensure work is completed on time and in keeping with professional standards.

• Perform and document work such as procedure development, walkthroughs and controls testing in accordance with Internal Audit standards.

• Provide consultative advice to business and IT management on current or emerging Information & Technology risk, control and governance matters.

• Based on the work performed, identify and draft strategic, business focused issues and effectively communicate results to relevant stakeholders.

• Monitor management's remediation of identified issues and test the effectiveness of the remediation.

• Lead specific control initiatives and conduct special investigations when needed.


Project Management

• Maintain, track and communicate project status to internal and external stakeholders.

• Assist Audit Manager to supervise the day-to-day audit activities, understand and interact with the business, coordinate with other audit teams, and complete project deliverables.


Training, Project Management & Leadership

• Conduct internal training sessions to share knowledge and best practices.

• Perform people management related tasks such as coaching and project performance evaluations.



• Minimum of 6 years working experience. Experience must include a minimum of 4 years auditing Information & Technology risks in a large IT environment

• Relevant degree in Management Information Systems, Business Administration with an emphasis in Technology, Computer Science, Accounting Information Systems or related discipline

• Implementation experience or compliance review experience of industry standards to include COBIT, NIST, ISO, or ITIL

• Platform, middleware, and application audit experience to include experience with the various levels of the OSI model and technologies including Windows, Unix and, Oracle.

• Basic knowledge of cloud-based tools, applications and vendors such as AWS, Azure, or Google.

• Working knowledge of various change and project management methodologies (SDLC, Agile)

• Preferred CISA, CPA, or CIA or willingness to achieve within 12 months of employment


Keys to Success in This Role:

• Must work well in a team-oriented environment as well as individually

• Must work creatively and analytically in a problem-solving environment

• Must demonstrate effective verbal and written communication and interpersonal skills


Preferred Skills:

• Additional certifications such as PMP, CRISC, CISM, CISSP;

• Experience with data analytics and supporting tools (Tableau, SAS, Python);

• Privacy and Information security risk compliance experience with regulatory environments including GDPR or CCPA